Article Details
Scrape Timestamp (UTC): 2024-04-01 20:32:28.035
Original Article Text
Click to Toggle View
Google now blocks spoofed emails for better phishing protection. Google has started automatically blocking emails sent by bulk senders who don't meet stricter spam thresholds and authenticate their messages as required by new guidelines to strengthen defenses against spam and phishing attacks. As announced in October, the company now requires those who want to dispatch over 5,000 messages daily to Gmail accounts to set up SPF/DKIM and DMARC email authentication for their domains. The new guidelines also require bulk email senders to avoid sending unsolicited or unwanted messages, provide a one-click unsubscribe option, and respond to unsubscription requests within two days. Spam rates must also be maintained below 0.3%, and "From" headers must not impersonate Gmail. Non-compliance may result in email delivery issues, including rejected emails or emails being automatically sent to recipients' spam folders. "Bulk senders who don't meet our sender requirements will start getting temporary errors with error codes on a small portion of messages that don't meet the requirements," Google says. "These temporary errors help senders identify email that doesn't meet our guidelines so senders can resolve issues that prevent compliance." "Starting in April 2024, we'll begin rejecting non-compliant traffic. Rejection will be gradual and will impact non-compliant traffic only. We strongly recommend senders use the temporary failure enforcement period to make any changes required to become compliant." The company also plans to enforce these requirements starting in June, with an accelerated timetable for domains used to send bulk emails since January 1, 2024. As Google claimed when the new guidelines were first announced, its AI-powered defenses can successfully block nearly 15 billion unwanted emails daily, preventing over 99.9% of spam, phishing attempts, and malware from infiltrating users' inboxes. "You shouldn't need to worry about the intricacies of email security standards, but you should be able to confidently rely on an email's source," said Neil Kumaran, Group Product Manager for Gmail Security & Trust in October. "Ultimately, this will close loopholes exploited by attackers that threaten everyone who uses email."
Daily Brief Summary
Google has implemented stricter spam filters that automatically block emails from bulk senders not adhering to enhanced authentication standards.
Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC) authentication are now mandatory for bulk senders targeting Gmail users.
New measures require less than 0.3% spam rate, an easy unsubscribe process, quick unsubscription response, and accurate "From" headers, preventing Gmail impersonation.
Non-compliant bulk senders will initially encounter temporary errors starting in April 2023, escalating to outright rejection of non-compliant traffic by April 2024.
Bulk senders have been advised to adjust their practices during the temporary error phase before stricter enforcement begins.
Google's AI-powered defenses claim to block nearly 15 billion unwanted emails daily, keeping spam, phishing, and malware at bay with a 99.9% success rate.
The security update aims to simplify trust in email sources for users and eliminate vulnerabilities leveraged by cyber attackers.